Route Origin Authorization
$ rpki-client -vvf rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/666CE1E44F4B11ED9BC8823BC4F9AE02.roa
File: 666CE1E44F4B11ED9BC8823BC4F9AE02.roa (raw, json)
Hash identifier: NnvGkG6uN03EcISgCBFKR5kKXWddbFjA0+BWQ0fdIlI=
Subject key identifier: 28:7E:4C:76:3D:59:BE:C1:34:1B:82:34:1D:2E:8A:AE:D6:2B:26:51
Certificate issuer: /CN=A91580D2/serialNumber=CA90D4D2125F0336B5398EE09977296F2E4092B4
Certificate serial: 8D
Authority key identifier: CA:90:D4:D2:12:5F:03:36:B5:39:8E:E0:99:77:29:6F:2E:40:92:B4
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypDU0hJfAza1OY7gmXcpby5AkrQ.cer
Subject info access: rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/666CE1E44F4B11ED9BC8823BC4F9AE02.roa
Signing time: Mon 21 Nov 2022 05:14:33 +0000
ROA not before: Mon 21 Nov 2022 05:14:33 +0000
ROA not after: Tue 31 Jan 2023 00:00:00 +0000
asID: 398343
IP address blocks: 103.102.124.0/24 maxlen: 24
103.102.125.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 141 (0x8d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91580D2/serialNumber=CA90D4D2125F0336B5398EE09977296F2E4092B4
Validity
Not Before: Nov 21 05:14:33 2022 GMT
Not After : Jan 31 00:00:00 2023 GMT
Subject: CN=637b0939-8024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:cf:b4:e4:0c:62:6d:2f:06:ec:6a:ae:78:d5:
17:17:06:54:b4:b7:20:ee:45:18:eb:1b:48:94:78:
6d:31:df:0a:52:fd:bf:b1:12:7b:d2:a9:64:67:91:
13:ed:46:02:8d:56:af:13:67:d2:59:88:1f:b1:cf:
a3:0c:68:e0:35:d0:23:70:03:17:d6:41:3d:79:c1:
22:d7:a1:0e:a1:a4:71:ca:7b:63:d8:55:4a:cf:82:
88:b6:16:7f:ec:72:08:70:93:55:8a:6a:4e:1a:8a:
fe:7f:bb:49:82:1e:98:c3:18:9d:43:8f:57:af:d9:
ad:08:8e:99:cd:93:e6:bb:1c:39:d3:c6:93:ce:1b:
a8:40:0d:48:eb:62:e3:a3:4e:11:64:d4:11:5d:a3:
fb:98:79:ba:15:98:07:4a:16:c6:20:1f:82:f8:23:
b5:a1:65:cf:a8:84:b8:ad:0a:5c:a4:3e:90:6a:8c:
b7:08:f8:bf:e2:e4:0a:44:99:90:18:14:b7:0d:3d:
46:23:93:fe:86:9d:cd:1b:33:08:0a:9d:26:6f:a4:
07:b8:88:af:55:a0:18:74:c6:8a:d3:f9:1b:27:2d:
c3:6d:79:7e:2c:0f:63:35:96:02:d6:3e:84:2a:73:
18:ce:9f:a5:1c:69:d3:02:dc:74:94:6e:ce:c9:b9:
a4:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:7E:4C:76:3D:59:BE:C1:34:1B:82:34:1D:2E:8A:AE:D6:2B:26:51
X509v3 Authority Key Identifier:
keyid:CA:90:D4:D2:12:5F:03:36:B5:39:8E:E0:99:77:29:6F:2E:40:92:B4
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/ypDU0hJfAza1OY7gmXcpby5AkrQ.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ypDU0hJfAza1OY7gmXcpby5AkrQ.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91580D2/EBC1AC2C184F11EDADBC3C65C4F9AE02/666CE1E44F4B11ED9BC8823BC4F9AE02.roa
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
103.102.124.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:96:15:d2:aa:fe:af:1b:40:8a:49:64:ec:d8:2b:7c:bf:63:
69:f7:25:47:c5:10:f1:e5:53:a2:3f:b5:19:bb:1a:bb:a9:4c:
33:55:b8:c1:b5:dc:c6:ac:9f:b6:6f:fb:ec:c0:e8:34:0f:89:
10:34:f2:39:ff:f6:4e:bb:27:f5:6c:fd:02:b2:f2:76:22:7b:
17:1f:a3:be:b5:71:79:e0:0a:77:23:40:43:2e:5e:5b:1c:d7:
27:13:8e:37:ba:7e:dc:38:cf:c6:32:d6:a0:1c:20:19:3a:e3:
3e:b9:db:09:d8:55:48:0e:e9:79:8a:cc:36:76:0c:e6:70:57:
6d:e4:88:c7:60:69:16:4a:90:77:92:eb:e7:4d:cf:c2:a7:00:
e7:cc:4f:cb:6e:96:d0:18:e1:d7:50:e7:28:1e:ef:01:2e:b3:
0a:e3:2c:4c:c6:cd:ff:9d:e9:84:42:34:61:02:8f:e2:7e:77:
5a:af:fb:d9:c4:f7:60:e9:9c:0f:7d:55:58:97:66:ef:e2:0c:
eb:e9:c9:89:21:6e:71:9c:7f:85:ed:c6:d7:2b:0c:db:c8:ce:
e6:2f:7a:b0:a8:9b:29:f9:f5:3a:f8:93:e3:26:2c:5e:7c:f5:
b7:94:80:49:1e:8c:54:96:30:30:1e:e4:fa:88:1e:1a:e0:aa:
7f:de:73:3d
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgICAI0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx
NTgwRDIxMTAvBgNVBAUTKENBOTBENEQyMTI1RjAzMzZCNTM5OEVFMDk5NzcyOTZG
MkU0MDkyQjQwHhcNMjIxMTIxMDUxNDMzWhcNMjMwMTMxMDAwMDAwWjAYMRYwFAYD
VQQDEw02MzdiMDkzOS04MDI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEArM+05AxibS8G7GqueNUXFwZUtLcg7kUY6xtIlHhtMd8KUv2/sRJ70qlkZ5ET
7UYCjVavE2fSWYgfsc+jDGjgNdAjcAMX1kE9ecEi16EOoaRxyntj2FVKz4KIthZ/
7HIIcJNVimpOGor+f7tJgh6YwxidQ49Xr9mtCI6ZzZPmuxw508aTzhuoQA1I62Lj
o04RZNQRXaP7mHm6FZgHShbGIB+C+CO1oWXPqIS4rQpcpD6Qaoy3CPi/4uQKRJmQ
GBS3DT1GI5P+hp3NGzMICp0mb6QHuIivVaAYdMaK0/kbJy3DbXl+LA9jNZYC1j6E
KnMYzp+lHGnTAtx0lG7Oybmk1QIDAQABo4IClTCCApEwHQYDVR0OBBYEFCh+THY9
Wb7BNBuCNB0uiq7WKyZRMB8GA1UdIwQYMBaAFMqQ1NISXwM2tTmO4Jl3KW8uQJK0
MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODBEMi9FQkMxQUMyQzE4
NEYxMUVEQURCQzNDNjVDNEY5QUUwMi95cERVMGhKZkF6YTFPWTdnbVhjcGJ5NUFr
clEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp
LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy
RkQxRkYyL3lwRFUwaEpmQXphMU9ZN2dtWGNwYnk1QWtyUS5jZXIwSgYDVR0gAQH/
BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p
Yy5uZXQvUlBLSS9DUFMucGRmMIHLBggrBgEFBQcBCwSBvjCBuzCBgwYIKwYBBQUH
MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx
NTgwRDIvRUJDMUFDMkMxODRGMTFFREFEQkMzQzY1QzRGOUFFMDIvNjY2Q0UxRTQ0
RjRCMTFFRDlCQzg4MjNCQzRGOUFFMDIucm9hMDMGCCsGAQUFBzANhidodHRwczov
L3JyZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwHwYIKwYBBQUHAQcBAf8E
EDAOMAwEAgABMAYDBAFnZnwwDQYJKoZIhvcNAQELBQADggEBAByWFdKq/q8bQIpJ
ZOzYK3y/Y2n3JUfFEPHlU6I/tRm7GrupTDNVuMG13Masn7Zv++zA6DQPiRA08jn/
9k67J/Vs/QKy8nYiexcfo761cXngCncjQEMuXlsc1ycTjje6ftw4z8Yy1qAcIBk6
4z652wnYVUgO6XmKzDZ2DOZwV23kiMdgaRZKkHeS6+dNz8KnAOfMT8tultAY4ddQ
5yge7wEuswrjLEzGzf+d6YRCNGECj+J+d1qv+9nE92DpnA99VViXZu/iDOvpyYkh
bnGcf4XtxtcrDNvIzuYverComyn59Tr4k+MmLF589beUgEkejFSWMDAe5PqIHhrg
qn/ecz0=
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:22:40 2023 by rpki-client on console-ams.rpki-client.org